Пример #1
0
    def handle_error(self, request, exception, token_type="access", *args, **kwargs):
        body = exception.read()
        try:
            d = urlparse.parse_qs(body)
        except ValueError:
            error = "unexpected_response"
            oauth_problem = None
        else:
            error = "oauth_problem"
            oauth_problem = d.get("oauth_problem", [None])[0]

        ExternalServiceToken.remove(request.user, self.conf.local_name)

        try:
            breadcrumbs = self.breadcrumb(request, {"oauth_problem": True}, *args, **kwargs)
        except Exception, e:
            breadcrumbs = (
                self.conf.local_name,
                (reverse("%s:index" % self.conf.local_name), self.conf.title),
                (reverse("%s:index" % self.conf.local_name), self.conf.title),
                True,
                "Authentication error",
            )
Пример #2
0
    def access_token(self, request, *args, **kwargs):
        token_type, request_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))
        if token_type != "request":
            return HttpResponseBadRequest()
        if request_token.key != request.GET.get("oauth_token"):
            return HttpResponseBadRequest()

        oauth_request = oauth.OAuthRequest.from_consumer_and_token(
            request.consumer,
            token=request_token,
            verifier=request.GET.get("oauth_verifier"),
            http_url=request.client.access_token_url,
        )

        oauth_request.sign_request(self.signature_method, request.consumer, request_token)

        try:
            access_token = request.client.fetch_access_token(oauth_request)
        except urllib2.HTTPError, e:
            return self.handle_error(request, e, "request_token", *args, **kwargs)
Пример #3
0
    def __call__(self, request, *args, **kwargs):

        token_type, access_token = ExternalServiceToken.get(request.user, self.conf.local_name, (None, None))

        self.add_consumer_to_request(request)

        if "oauth_token" in request.GET and token_type == "request":
            return self.access_token(request, *args, **kwargs)

        self.add_opener_to_request(request, access_token if token_type == "access" else None)

        # If we aren't authenticated but the view requires it then try
        # to obtain a valid oauth token immediately.
        if token_type != "access" and getattr(self, "force_auth", False):
            return self.authorize(request, *args, **kwargs)

        try:
            return super(OAuthView, self).__call__(request, *args, **kwargs)
        except OAuthHTTPError, e:
            if e.code in (401, 403) and not (token_type == "request" and "oauth_token" in request.GET):
                return self.authorize(request, *args, **kwargs)
            else:
                return self.handle_error(request, e.exception, *args, **kwargs)
Пример #4
0
                "No OAuth shared secret has been set for app %r. Check that the server is configured with the right credentials."
                % self.conf.local_name
            )

        try:
            token = request.client.fetch_request_token(oauth_request)
        except urllib2.HTTPError, e:
            if e.code == 401:
                raise ImproperlyConfigured(
                    "OAuth shared secret not accepted by service %r. Check that the server is configured with the right credentials."
                    % self.conf.service_name
                )
            else:
                return self.handle_error(request, e)

        ExternalServiceToken.set(request.user, self.conf.local_name, ("request", token), authorized=False)

        oauth_request = oauth.OAuthRequest.from_token_and_callback(
            token=token, http_url=request.client.authorization_url
        )

        if (
            getattr(self.conf, "oauth_authorize_interstitial", True)
            and not request.GET.get("skip_interstitial") == "true"
        ):
            index_url = reverse("%s:index" % self.conf.local_name)
            context = {
                "return_url": request.META.get("HTTP_REFERER", index_url),
                "authorize_url": oauth_request.to_url(),
                "service_name": self.conf.service_name,
                "breadcrumbs": (